Using the Twitch API in an Extension Front End | Twitch Developers

App access token

The following example shows how to get an app access token.

Installation

Create an App

Required reading Getting Started with the Twitch API

$ npm install @callowcreation/basic-twitch-oauth

License

MIT

Loading and configuration

A Node server is required, express is used here.

Motivation

The statements below are still a bit beyond your experiences and you need/want to use a Twitch API… is my motivation.

Twitch API(s) now require that some endpoint request must have an authorization in the header. To acquire an access token for a Twitch API you must be familiar with an authentication flow. The flows supported by Twitch are Implicit code, authorization code, and client credentials.

See Twitch Authentication Docs

Register your app

The first step to getting an access token is to register your application (this includes Twitch Extensions and chatbots). To register an application:

  1. Log in to the developer console using your Twitch account. If you don’t have an account, select the Sign Up tab to create one.
  2. Select the Applications tab on the developer console and then click Register Your Application.
  3. Set Name to your application’s name. The name must be unique among all Twitch applications.
    Your app’s name is listed on the Connections page under Other Connections if your app requires user consent to access or modify the user’s resources.
  4. Set OAuth Redirect URLs to the callback URL that your app uses for authorizations. After adding your redirect URL, click Add.
  5. Select a Category (type of application) that your app belongs to.
  6. Click the I’m not a robot checkbox.
  7. Click Create.
  8. Back in the Applications tab, locate your app under Developer Applications, and click Manage.
  9. Note your Client ID, which you’ll use to get your access token and to set the Client-Id header in all API requests. Client IDs are considered public and can be embedded in a web page’s source.
  10. Depending on the flow you use to get a token, you may need a client secret. For example, the Authorization Code Grant Flow requires a client secret. Click New Secret to generate a secret that you’ll use to get your access token. You must copy the secret and store it somewhere safe. Getting a new secret invalidates the previous secret, which might make your API requests fail until you update your app.

IMPORTANT Treat client secrets as you would your password. You must keep it confidential and never expose it to users, even in an obscured form.

WARNING Do not share client IDs among applications; each application must have its own client ID. Sharing client IDs among applications may result in the suspension of your application’s access to the Twitch API.

After registering your app, the next step is to get a token.

Check out these code samples that show how to get access tokens:

Response codes

CodeDescription
200Request successfully authorized.
401Invalid or expired JWT.
429Rate limit exceeded.

Provide feedback for this page

Revoking access tokens

To revoke an access token, use the –revoke (-r) flag. The flag’s parameter identifies the token to revoke.

To revoke a token that was created using a different client ID than the one that the CLI is configured with, use the –client-id flag.

Похожее:  Что такое ИПРА инвалида, зачем она нужна и как ее получить? | Пикабу

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *